Initial Exam Approach and Reconnaissance

The first hour sets the tone for the entire exam experience through systematic initial reconnaissance. After connection verification and proctoring setup, begin with broad network sweeps identifying all targets and services. Run comprehensive Nmap scans against all machines simultaneously while reviewing exam documentation. This parallel approach maximizes early intelligence gathering while nervous energy remains high.

Target prioritization requires balancing point values, perceived difficulty, and personal strengths. Many successful strategies begin with the buffer overflow machine for guaranteed points, as systematic methodology ensures success. Others prefer starting with enumeration-heavy targets while scans complete. Avoid immediately attacking the highest-point machine unless confident in quick success. Early wins build confidence and secure points.

Documentation begins immediately with organized note structures for each target. Create folders for each machine containing enumeration results, exploitation attempts, and screenshots. Use consistent naming conventions enabling quick location of information during report writing. Screenshot everything interesting, even if seemingly irrelevant—report writing under exhaustion makes recreation difficult.
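
One way to set up this note structure before the first scan finishes, as an added example that is not part of the original article. The folder names, the `notes.md` template, the screenshot naming scheme and the `target-01` style labels are all assumptions.

```shell
#!/usr/bin/env bash
# Added example: per-target note scaffold with a consistent naming convention.
# Directory names, the notes.md layout and target labels are assumptions.

# init_target ROOT LABEL
# Creates ROOT/LABEL/{enum,exploit,screenshots} plus a notes.md skeleton.
# Safe to re-run: notes that already exist are never overwritten.
init_target() {
    it_dir="$1/$2"
    mkdir -p "$it_dir/enum" "$it_dir/exploit" "$it_dir/screenshots" || return 1
    if [ ! -e "$it_dir/notes.md" ]; then
        printf '# %s\nStarted: %s\n\n## Enumeration results\n\n## Exploitation attempts\n\n## Screenshots\n' \
            "$2" "$(date -u +%Y-%m-%dT%H:%MZ)" > "$it_dir/notes.md"
    fi
    printf '%s\n' "$it_dir"
}

# init_workspace ROOT LABEL...
# Builds the same layout for every target in one call.
init_workspace() {
    iw_root=$1
    shift
    for iw_label in "$@"; do
        init_target "$iw_root" "$iw_label" >/dev/null || return 1
    done
}

# shot_name LABEL DESCRIPTION
# Prints a filename that sorts chronologically and says what it shows:
#   <label>_<UTC timestamp>_<slug>.png
shot_name() {
    sn_slug=$(printf '%s' "$2" \
        | tr '[:upper:]' '[:lower:]' \
        | tr -cs 'a-z0-9' '-' \
        | sed 's/^-*//; s/-*$//')
    printf '%s_%s_%s.png\n' "$1" "$(date -u +%Y%m%dT%H%M%SZ)" "$sn_slug"
}

# Usage (constructed labels):
#   init_workspace "$HOME/exam" target-01 target-02 target-03
#   shot_name target-01 "Local proof: whoami"
```

Because the timestamp sits before the description, a plain directory listing of `screenshots/` reads in the order the work was done, which is the order the report needs.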

Parallel enumeration maximizes efficiency during the initial hours. While detailed scans run against primary targets, perform quick enumeration on all machines. This broad awareness prevents tunnel vision on difficult targets while easier alternatives exist. Set timers for the initial enumeration phases, forcing movement between targets rather than fixating on a single machine.